hp1 Posted May 8, 2008 Share Posted May 8, 2008 I've googled this one to death but to no avail.I'm trying to develop a VERY basic admin page that lets users update their own homepage. I have an admin page that will only display if a password is entered correctly.Once the the password has been entered the user can use a text area to update the homepage file. My problem is that when the 'submit' button is pressed it just goes back to the login page. I suspect it has something to do with using PHP_SELF and it not retaining the password information already entered.Maybe.Here is a basic version of my code, i know its a bit messy but the final version always gets tidied up! <?php$pword="passtest";$password=$_POST['password'];if($pword==$password){?>The current contents of your homepage are:<br/><?php $file = $_SERVER['DOCUMENT_ROOT'] . "/testdocs/home.php"; $contents = file($file); $string = implode($contents); if ($_POST['test']){$teststring=$_POST['admin'];echo "<span style=\"border:1px solid black;\">$teststring</span>";}else{echo "<span style=\"border:1px solid black;\">$string</span>"; }?><p/>?>//This is the form thats giving me problems. <form action='<?php echo $_SERVER['PHP_SELF']; ?>' method='post'><textarea name='admin' rows='10' cols='40'><?php echo $string; ?></textarea><br/><input name='submit' type='submit' value='submit'/><br/><input name='test' type='submit' value='test'/></form><?phpif ($_POST['submit']){$newstring=$_POST['admin'];$myFile = "home.php";$fh = fopen($myFile, 'w') or die("can't open file");$stringData = $newstring;fwrite($fh, $stringData);fclose($fh);}else{$newstring='';}?><?php}else{echo "<form name='test' method='post' action=$_SERVER[PHP_SELF]><input type='textbox' name='password'/><br/><input type='submit' name='submit' value='submit'/></form>";}?> The 'test' button is there to allow the user to see what their new page will look like before it is sent to the homepage file. Hope my code isnt too dodgy adn makes some kind of sense. Thanks in advance for any advice. Link to comment Share on other sites More sharing options...
Wander Posted May 8, 2008 Share Posted May 8, 2008 you only let that stuff show when a user entered a right password, when the user edits his page, it goes to the same page, then there is no post-data about the password anymore, so it will show the login-scriptif you want a user to stayed logged in you should either use cookies or better: sessions Link to comment Share on other sites More sharing options...
aspnetguy Posted May 8, 2008 Share Posted May 8, 2008 Use session. A very simple approach would be to set a flag ($_SESSION["LoggedIn"] = TRUE;) when the user logs in correctly. Then your script should check for the flag if($_SESSION["LoggedIn"] == TRUE) { //do something}else if($_POST["Password"] == "whatever it should be") { $_SESSION["LoggedIn"] = TRUE;}else { header("Location: login.php");} Link to comment Share on other sites More sharing options...
hp1 Posted May 8, 2008 Author Share Posted May 8, 2008 Thanks for the replies folks. I have not had any experience of using Sessions before so I will definitley have to do some reading on it. Thanks for the starter code aspnetguy, that really helps. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.